//package com.rong.maven01demo.config;
//
//import org.springframework.context.annotation.Bean;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//
//@EnableWebSecurity
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//    /**
//     * 定义认证规则，账号密码
//     * @param auth
//     * @throws Exception
//     */
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
//                .withUser("common").password(new BCryptPasswordEncoder().encode("123456")).roles("common").and()
//                .withUser("vip").password(new BCryptPasswordEncoder().encode("123456")).roles("vip").and()
//                .withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("admin");
//
//    }
//
//    /**
//     * 定义权限，功能读写
//     * @param http
//     * @throws Exception
//     */
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/toLogin").permitAll();
////        http.authorizeRequests().antMatchers("/toLogin").permitAll()
////                .antMatchers("/user/**").hasRole("common")
////                .antMatchers("/train/**").hasRole("vip")
////                .antMatchers("/**").hasRole("admin");
////        http.formLogin().loginPage("/login").usernameParameter("username").passwordParameter("password");
//
////        //开启自动配置的登录功能：如果没有权限，就会跳转到登录页面！
////        // /login 请求来到登录页
////        // /login?error 重定向到这里表示登录失败
////        http.formLogin()
////                .usernameParameter("username")
////                .passwordParameter("password")
////                .loginPage("/toLogin")
////                .loginProcessingUrl("/login"); // 登陆表单提交请求
////
////        //开启自动配置的注销的功能
////        // /logout 注销请求
////        // .logoutSuccessUrl("/"); 注销成功来到首页
////
////        http.csrf().disable();//关闭csrf功能:跨站请求伪造,默认只能通过post方式提交logout请求
////        http.logout().logoutSuccessUrl("/");
////
////        //记住我
////        http.rememberMe().rememberMeParameter("remember");
//    }
//
//    @Bean
//    @Override
//    public AuthenticationManager authenticationManagerBean() throws Exception {
//        return super.authenticationManagerBean();
//    }
//
//    @Bean
//    public PasswordEncoder passwordEncoder(){
//        return new BCryptPasswordEncoder();
//    }
//}
